Authentication in Jigsaw.

This section will provide you with a basic explanation of authentication
in Jigsaw.

Filters are attached to specific frames in order to filter accesses
to their resource. These filters are called once at lookup time, and once
at reply time. On the way in (lookup time), they allow you to manipulate
the request before the target resource handles it, and on the way out,
they allow you to manipulate the target's reply before it is emitted back
to the browser.

Although Jigsaw provides a number of filters,
we will focus here on the authentication filter, that authenticate requests
before they are handled by their appropriate target resources. The GenericAuthFilter
is currently the only available authentication filter.

The GenericAuthFilter needs an authentication realm. An authentication
realm is a database that will contain the description of a set of users,
along with their passwords and/or IP adresses.

Each user defines a set of attributes, email, comments, ipadress, password.
The email address is currently unused (but it might be used in the future
for email notification). The comments field is used only for informational
purposes. The ipaddress field allows you to state from which machine the
user is allowed to connect. This field is not mandatory: if left blank,
only the password will be used for authentication (be warned that the password
authentication scheme used by HTTP is very weak, you should always specify
both a password and some IP addresses). If you decide to fill in the ipaddress
field, you can enter multiple addresses for the same user (one per line).
You can use * in the ip address field, meaning that any user connecting
from the given set of IP addresses is to be authentified as the realm user.